<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="utf-8" />
    <title>上传页面</title>
</head>
<body>
<?php
header('Content-type:text/html;charset=utf-8');
if(isset($_POST['submit'])){
    if(is_uploaded_file($_FILES['myfile']['tmp_name'])){
        $arr=pathinfo($_FILES['myfile']['name']);
        @session_start();
        $user =$_SESSION['username'];
        $sqlT=mysqli_query($conn,"select * from user WHERE username='$user'");
        $rowT=mysqli_fetch_array($sqlT);
        
        $newName="wodetouxiang{$rowT['uid']}";
        if(move_uploaded_file($_FILES['myfile']['tmp_name'],"img/{$newName}.{$arr['extension']}")){
            $a="img/{$newName}.{$arr['extension']}";
            echo '恭喜你！上传成功！';
        }else{
            echo '对不起移动文件失败！';
        }
    }else{
        exit('可能有攻击，请你做合法的事情！');
    }
}
?>
<form action="" method="post" enctype="multipart/form-data">
    <input type="file" name="myfile" style="width: 200px"/><br/>
    <input type="submit" name="submit" value="开始上传" />
</form>
</body>
</html>
